Validation and verification

It is essential for cryptographic libraries
to compute exactly the functions that they are meant to compute,
and for those functions to be secure.
A signature-checking library is a security disaster
if it has a bug that accepts invalid signatures, for example,
or if the signature system that it implements is 512-bit RSA.

The same report includes
a complete step-by-step example of authenticated encryption,
independent implementations testing each step,
detailed security notes,
and references to the relevant literature.

The NaCl compilation scripts
test known outputs of each primitive for many different message lengths,
test consistency of different functions supported by the same primitive
(for example, crypto_stream_xor matches crypto_stream),
and test memory safety in several ways.